Tag Archives: Fusion Centers

Ten months ago, Digital Fourth submitted a public records request to Boston’s fusion center, the Boston Regional Intelligence Center. It took two appeals to the Secretary of State to get it, but we finally got a response.

The states operate a network of 78 fusion centers across the nation, which coordinate intelligence-related information between federal agencies and state and local law enforcement, in the name of thwarting terrorist attacks. They have never, to anyone’s knowledge, actually thwarted one, and they have become bywords in Washington for waste and ineffectiveness. Previously, we reported on constitutional violations and the results of a FOIA request at Massachusetts’ “Commonwealth Fusion Center”, operated by the State Police; now it’s the turn of Massachusetts’ other fusion center, headquartered at the Boston PD.

The most interesting document we received is the “2013 Fusion Center Assessment Individual Report: Boston Regional Intelligence Center”. This report was heavily redacted, but luckily the State of Colorado has posted on its website an unredacted 2014 report from Colorado’s fusion center that is absolutely identical in format to the Boston report we received, rendering all of the redactions in the Boston report moot. So if you’d like to understand what the BRIC didn’t want us to see, read on.

No, what’s really got House Republicans in a lather about DHS is realizing that something “must-pass” like a DHS funding bill would be a great vehicle for a poison-pill amendment overturning the President’s executive actions on immigration. So they sent that bill up to the Senate, and Senate Republicans, needing five Democratic votes to push through a DHS funding bill, somehow can’t find any Democrats willing to commit electoral hara-kiri with their own base in order to please the Republicans’ base. Go figure!

As a result, in two weeks’ time the DHS will run out of money, and apologists for the security state are beginning to panic – but they’re having trouble getting their stories straight. Sen. Lindsey Graham (R-SC) warns us all, “We can’t go too far here because look what happened in Paris.” Sen. John McCain (R-AZ) fulminates, “We can’t shut down the DHS. Not with the threats the homeland is subjected to as a result of the rise of ISIS.” [Note: There is no threat to “the homeland” from ISIS.] For God’s sake, the TSA might run out of money! What an awful shame that would be!

The DHS is a failure. It was a bad idea to begin with, coming out of the incorrect notion that the 9/11 attacks could have been prevented by “joined-up intelligence.” It never made sense to yoke the Coast Guard, FEMA, and the customs/border/transportation security/immigration agencies awkwardly together. DHS has always been poorly managed. It just layers an extra frosting of highly remunerated officials on top of agencies that would do just as fine where they were before. So let’s take a closer look at what a sensible structure would look like.

For who-knows-how-many years, the Drug Enforcement Administration has been using Automatic License Plate Recognition software to create a national database of the driving habits of ordinary citizens not suspected of a crime, according to documents obtained by the American Civil Liberties Union through the Freedom of Information Act. The documents describe the state of the surveillance effort as of 2009, leaving us wondering just how vast it could be today.

This vehicle tracking program originated near border crossings in the southwestern United States but has grown into a nation-wide project. It is a joint effort between the DEA and local, state, and federal law enforcement agencies throughout the United States. The surveillance program has been alluded to in Congressional testimony every once in a while through the years, but has yet to be fully understood. The documents released by the ACLU, despite being heavily redacted, shine some much-needed light on the interests and priorities of the DEA and federal law enforcement agencies in general. As of 2009, at least 100 license plate readers had been deployed in states like California, Arizona, New Mexico, Texas, Florida, Georgia, Nevada and New Jersey.

And we should be concerned. According to the ACLU:

These records . . . offer documentation that this program is a major DEA initiative that has the potential to track our movements around the country. With its jurisdiction and its finances, the federal government is uniquely positioned to create a centralized repository of all drivers’ movements across the country — and the DEA seems to be moving toward doing just that. If license plate readers continue to proliferate without restriction and the DEA holds license plate reader data for extended periods of time, the agency will soon possess a detailed and invasive depiction of our lives.

Note: These methods are not foolproof. Even if you take every precaution described below, you should still assume that you are being watched, tracked, and recorded. Act accordingly.

I. Leave your cellphone at home. It is safe to assume that “Stingrays” (also known as “cell site simulators” or “IMSI catchers”) are being used at every #BlackLivesMatter protest around the country. These devices trick your phone into connecting to them by simulating a cell tower, allowing law enforcement to intercept your text messages and phone calls as well as your location information and International Mobile Subscriber Identity (your phone’s unique identifier). They are small enough to be mounted on vehicles and can even be placed on airplanes and helicopters to track protesters from the sky. It is probably best to leave your cellphone at home. If this is impractical for you, you might want to consider using secure messaging apps such as Wickr or TextSecure. Note that as long as your phone is turned on, your location information and IMSI information can still be intercepted.

II. Avoid exposing your face to cameras. Police love to video record protesters exercising their First Amendment rights. Unless you want to run the risk of having images of your face uploaded to a network of shadowy databases to be matched with driver’s license photographs and other government records for tracking purposes, it is wise to consider covering up your face or applying face paint in a manner that prevents facial recognition software from identifying you. Some believe covering your face is cowardly, but if the choice is between being indexed in a virtually boundless, unaccountable surveillance system and the right to protest anonymously without retribution, I’ll take the latter any day.

III. Avoid advertising your location or other personal information on social media. Fusion centers and police departments like to track people using social media geolocation software to track social media posts in real-time. This is likely one of the tools used by the Massachusetts fusion centers for tracking #BlackLivesMatter protesters in Boston. You may want to avoid using social media altogether while at a protest; but if you feel the need, it might be a good idea to create a fake account to make it a little more difficult for spies to monitor you.

IV. Use PGP for encrypted emails. Encryption is your friend. “PGP” stands for “Pretty Good Privacy”, and it holds true to its name. Think of PGP as an airtight container that keeps your emails away from the eyes of anyone except the intended recipient(s). Sure, it can be a little tough to set up, but once you have it installed, it’s actually very easy to use.

Here is a guide to installing PGP for Mac OS X.Here is a guide to installing PGP for Windows and GNU/Linux.

V. Use Tor and/or a VPN. Tor is free software that provides anonymity by routing your Internet activity through a series of other users running Tor relays. The goal is to prevent eavesdroppers from seeing the web pages you visit by bouncing your connection around the network, making it appear as if you are accessing the Internet from a completely random location. Similarly, Virtual Private Networks route your connection through a server of your choice, making it appear as if you are connecting to the Internet from France, Canada, Sweden, or pretty much anywhere. Unlike Tor, good VPNs are not free, but they can be as inexpensive as $3.33 per month.

The United States has a well-developed jurisprudence for dealing with people who make threats. The default presumption, thanks to the First Amendment, is that any speech, even speech that is frightening, prejudiced or factually wrong, is legal. Even a generic desire for the President to die has First Amendment protection. The key precedents here are Watts v. United States and Brandenburg v. Ohio, both from 1969. In Watts, an 18-year-old remarked during a rally against the draft that:

“They always holler at us to get an education. And now I have already received my draft classification as 1-A and I have got to report for my physical this Monday coming. I am not going. If they ever make me carry a rifle the first man I want to get in my sights is L. B. J.”

The ruling suggested that this was protected as merely ‘a kind of very crude offensive method of stating a political opposition to the President’, of a kind still very familiar to us today. Those prosecuted for threatening the President over the last few years have typically had additional evidence of actual conspiracy to commit murder.

In Brandenburg, a KKK leader’s advocacy of ethnic violence was ruled to be protected by the First Amendment, because it was not “directed to inciting” or “likely to incite, imminent lawless action.” There must be some specificity as to the time that the lawless action is to occur; it cannot simply be a generalized articulation of the need for violence at some future time. It must be, in other words, a so-called “true threat.”

These rulings have stood essentially unmodified for nearly half a century. They are also a lot more protective of threatening speech than most people, including surveillance state employees, casually assume. One result of that assumption is that surveillance agencies pro-actively monitor social media, and open investigations on the basis of First Amendment-protected threats they encounter, when the constitutionality of doing so is at best highly suspect.

Here’s a question: How much of a national security threat are people protesting the non-indictment of Ferguson police officer Darren Wilson for killing Michael Brown?

If you answered, There’s no national security threat; they’re exercising their First Amendment rights, which should be celebrated, then you’re obviously a pre-9/11-American, which is enough to get you disinvited from the major TV propaganda shows.

Vermont Public Radio does the spadework to find out whether automated license plate surveillance systems offer a reasonable return on investment:

“…Even with the millions of scans, the system has not led to many arrests or breakthroughs in major criminal investigations. […] They were helpful in solving fewer than five crimes in 2013. [Officer] Cram [of Winooski PD] says the federally-funded ALPR is a valuable tool, even though he doesn’t think the city would have put up $25,000 of its own money to buy one.“

At a cost of “over $1 million” over five years, that works out at around $50,000 per crime solved.[Note: Initial calculations of $40,000 per crime solved were based on an inaccurate figure of five crimes solved.]

At a rate of $50,000 per crime, you could hire one part-time police officer, and I suspect that that part-time police officer would solve more than one crime per year. So what gives?

This is what gives, for ALPR, for surveillance cameras, and for military surplus equipment. Police departments count the cost of new surveillance equipment at zero, even when it’s not (taxpayers ultimately pay). It’s hard for police chiefs to turn down free, even if free offers only the most marginal prospect of reducing crime. But it says everything about the utility of this technology that, had the City of Winooski been asked to put up its own money, Officer Cram thought that they wouldn’t have done it. Oh – and I almost forgot to mention – as the article mentions, the entity charged with managing the data from this boondoggle is, naturally, the Vermont fusion center.

Following on from the Sandy Hook school shooting, the “Massachusetts Task Force on School Safety and Security” released a report in July. As you’d expect from a report written with plenty of police input and none from the civil liberties community, it recommends changes that are highly intrusive, probably ineffective, definitely expensive, and likely to benefit police more than they benefit students.

Of course, that’s not how it’s being reported. Local papers, including my own, are portentously explaining how this is all “for the kids” and will “keep them safe” (I’d link to the Belmont Citizen-Herald’s exhaustive coverage, but it’s not up yet).

Nothing school districts can do will change these things. However, in fear that they ought to be doing something, it’s very possible for school districts to misdirect funds better spent on education, and impose inappropriate systems of surveillance and control.

Without your knowledge or permission, your smartphone’s calls could be being intercepted right now by your local police department, and your taxes are definitely being misused to pay for unconstitutional police snooping.

We have reported before on “stingrays”, which started being used by local police departments in around 2006. These devices impersonate a cellphone tower and intercept the calls that would otherwise flow to other actual nearby towers. Initially bulky, stingrays can now be laptop-sized or smaller, and the most advanced models are light enough to be carried by drones. Police departments conceal their use of this technology when applying for warrants to conduct surveillance, so judges can’t distinguish between applying for a “regular” interception on an individual phone and a stingray interception which gathers all traffic from nearby cellphone towers. The devices’ main manufacturer, Harris Corporation, even obliges police departments contractually to conceal their use of stingrays. The Obama administration is so keen to preserve the cloak of secrecy around stingrays that they sent in the US Marshals to prevent the ACLU from obtaining documents relating to stingray use by a north Florida police department. The courts are beginning to recognize the intrusive nature of cellphone tower dump data, but have not yet grappled with the fact that using stingrays, law enforcement don’t have to ask a cellphone company for the data; they can just suck it up without permission.

Now there is a new way to rip that cloak. Popular Science quotes the CEO of ESD America, which manufactures the $3,500 “CryptoPhone 500″, eagerly describing how his phones could detect when stingrays were being used in their vicinity. While testing the CryptoPhone 500 in August, users found 17 sites around the country where stingrays appeared to be being used on passersby. They could detect the use of stingrays because stingrays downgrade your connection from 4G to the less secure 2G and then turn off your phone’s encryption. Normal Android smartphones or IPhones are oblivious to this process.

Twitter users have been speculating whether these 17 sites map onto the sites of fusion centers around the country. Since we’re familiar with both stingrays and fusion centers, we can say conclusively that they don’t. Most sites seem to be in commercial areas, not around fusion center or military locations. ESD is not providing the precise site locations, and stingrays’ mobility further complicates the process of detecting them. We think that CryptoPhone users have captured what is likely to be only a small subset of stingray usage not by fusion centers, or by the NSA, but by regular local police departments around the nation. We’re supporting the efforts of researchers like Muckrock who want to get more transparency about stingray use by police departments, and to keep an eye out for proposals in your community to “upgrade” police department technology.

So, do we all have to go out and upgrade to the CryptoPhone 500 in order to feel safe in our communications? Well, no; there’s another, cheaper way to find out whether the government is using stingrays in your community.

Mr. Prigoff was president of a division of all-American jeans maker Levi Strauss and a VP at tasty bread maker Sara Lee. In his retirement, he apparently likes taking photos of public art, which of course, because WE HAVE FREEDOM HERE DAMMIT, he can pursue happily unmolested by law enforcement.

The Joint Terrorism Task Force takes, let’s say, a different perspective on Mr. Prigoff’s innocent retirement hobby. To JTTF, this skulking-around-taking-photographs-of-things behavior is SUSPICIOUS ACTIVITY. Consequently, after he had taken photos of the Rainbow Swash in Dorchester and had gotten home to Sacramento…

Post Navigation

Events in MA This Week

Harvard Book Store: Bruce Scheier discusses mass surveillance and his latest book, "Data and Goliath: The Hidden Battles to Collect Your Data and Control Your World." This event is free; no tickets are required.